Difference between revisions of "Mounting an encrypted LVM"
From Klaus' wiki
(Created page with 'If you want to mount an encrypted LVM disk on another system, for instance for recovery, follow this procedure: First attach the disk to the system and identify the device <sour…') |
|||
Line 55: | Line 55: | ||
Disk /dev/dm-2 doesn't contain a valid partition table | Disk /dev/dm-2 doesn't contain a valid partition table | ||
− | |||
</source> | </source> | ||
it is probably /dev/sdb | it is probably /dev/sdb | ||
+ | <source lang="bash"> | ||
+ | ]# lvmdiskscan | ||
+ | </source> | ||
<source lang="text"> | <source lang="text"> | ||
/dev/ram0 [ 16.00 MiB] | /dev/ram0 [ 16.00 MiB] | ||
Line 145: | Line 147: | ||
<source lang="bash"> | <source lang="bash"> | ||
− | lvscan | + | ]# lvscan |
</source> | </source> | ||
<source lang="text"> | <source lang="text"> | ||
Line 182: | Line 184: | ||
</source> | </source> | ||
− | Now the partition we're interested in are active available for mounting. | + | |
+ | Now the partition we're interested in are active available for mounting. But since its a encrypted logical volume we'll have to find it in /dev/mapper | ||
+ | |||
+ | <source lang="bash"> | ||
+ | ]# cd /dev/mapper | ||
+ | ]# ll | ||
+ | </source> | ||
+ | <source lang="text"> | ||
+ | total 0 | ||
+ | crw-------. 1 root root 10, 62 Oct 13 09:14 control | ||
+ | lrwxrwxrwx. 1 root root 7 Oct 13 10:00 luks-fedora -> ../dm-3 | ||
+ | lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_home -> ../dm-2 | ||
+ | lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_root -> ../dm-0 | ||
+ | lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_swap -> ../dm-1 | ||
+ | lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol00 -> ../dm-4 | ||
+ | lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol01 -> ../dm-6 | ||
+ | lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol02 -> ../dm-5 | ||
+ | </source> |
Revision as of 10:49, 13 October 2011
If you want to mount an encrypted LVM disk on another system, for instance for recovery, follow this procedure:
First attach the disk to the system and identify the device
]# fdisk -l
Disk /dev/sda: 320.1 GB, 320072933376 bytes 255 heads, 63 sectors/track, 38913 cylinders, total 625142448 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xa028d32f Device Boot Start End Blocks Id System /dev/sda1 * 2048 1026047 512000 83 Linux /dev/sda2 1026048 625141759 312057856 8e Linux LVM Disk /dev/sdb: 1000.2 GB, 1000204886016 bytes 255 heads, 63 sectors/track, 121601 cylinders, total 1953525168 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00077ade Device Boot Start End Blocks Id System /dev/sdb1 * 63 401624 200781 83 Linux /dev/sdb2 401625 1953520064 976559220 8e Linux LVM Disk /dev/dm-0: 53.7 GB, 53687091200 bytes 255 heads, 63 sectors/track, 6527 cylinders, total 104857600 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/dm-0 doesn't contain a valid partition table Disk /dev/dm-1: 5167 MB, 5167382528 bytes 255 heads, 63 sectors/track, 628 cylinders, total 10092544 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/dm-1 doesn't contain a valid partition table Disk /dev/dm-2: 260.7 GB, 260684382208 bytes 255 heads, 63 sectors/track, 31693 cylinders, total 509149184 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x00000000 Disk /dev/dm-2 doesn't contain a valid partition table
it is probably /dev/sdb
]# lvmdiskscan
/dev/ram0 [ 16.00 MiB] /dev/root [ 50.00 GiB] /dev/ram1 [ 16.00 MiB] /dev/sda1 [ 500.00 MiB] /dev/vg_klauslenovo/lv_swap [ 4.81 GiB] /dev/ram2 [ 16.00 MiB] /dev/sda2 [ 297.60 GiB] LVM physical volume /dev/vg_klauslenovo/lv_home [ 242.78 GiB] /dev/ram3 [ 16.00 MiB] /dev/ram4 [ 16.00 MiB] /dev/ram5 [ 16.00 MiB] /dev/ram6 [ 16.00 MiB] /dev/ram7 [ 16.00 MiB] /dev/ram8 [ 16.00 MiB] /dev/ram9 [ 16.00 MiB] /dev/ram10 [ 16.00 MiB] /dev/ram11 [ 16.00 MiB] /dev/ram12 [ 16.00 MiB] /dev/ram13 [ 16.00 MiB] /dev/ram14 [ 16.00 MiB] /dev/ram15 [ 16.00 MiB] /dev/sdb1 [ 196.08 MiB] /dev/sdb2 [ 931.32 GiB] 3 disks 19 partitions 0 LVM physical volume whole disks 1 LVM physical volume
in this case its the /dev/sdb2 partition we're after. It encrypted, so we need to give it a password to open it:
]# cryptsetup luksOpen /dev/sdb2 luks-fedora
if it returns without errors issue:
]# lvmdiskscan
once again and notice the difference:
/dev/ram0 [ 16.00 MiB] /dev/root [ 50.00 GiB] /dev/ram1 [ 16.00 MiB] /dev/sda1 [ 500.00 MiB] /dev/vg_klauslenovo/lv_swap [ 4.81 GiB] /dev/ram2 [ 16.00 MiB] /dev/sda2 [ 297.60 GiB] LVM physical volume /dev/vg_klauslenovo/lv_home [ 242.78 GiB] /dev/ram3 [ 16.00 MiB] /dev/mapper/luks-fedora [ 931.32 GiB] LVM physical volume /dev/ram4 [ 16.00 MiB] /dev/ram5 [ 16.00 MiB] /dev/ram6 [ 16.00 MiB] /dev/ram7 [ 16.00 MiB] /dev/ram8 [ 16.00 MiB] /dev/ram9 [ 16.00 MiB] /dev/ram10 [ 16.00 MiB] /dev/ram11 [ 16.00 MiB] /dev/ram12 [ 16.00 MiB] /dev/ram13 [ 16.00 MiB] /dev/ram14 [ 16.00 MiB] /dev/ram15 [ 16.00 MiB] /dev/sdb1 [ 196.08 MiB] /dev/sdb2 [ 931.32 GiB] 3 disks 19 partitions 1 LVM physical volume whole disk 1 LVM physical volume
the /dev/mapper/luks-fedora device is new!
Next insert a module in the kernel
]# modprobe dm-mod
We're almost there, be patient.
We can see issuing lvscan, that the volumes are not active:
]# lvscan
inactive '/dev/VolGroup00/LogVol00' [195.31 GiB] inherit inactive '/dev/VolGroup00/LogVol02' [732.03 GiB] inherit inactive '/dev/VolGroup00/LogVol01' [3.94 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_root' [50.00 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_home' [242.78 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_swap' [4.81 GiB] inherit
so we have to make them active by issuing:
]# vgchange -ay
3 logical volume(s) in volume group "VolGroup00" now active /dev/mapper/VolGroup00-LogVol02 not set up by udev: Falling back to direct node creation. /dev/mapper/VolGroup00-LogVol01 not set up by udev: Falling back to direct node creation. The link /dev/VolGroup00/LogVol02 should had been created by udev but it was not found. Falling back to direct link creation. The link /dev/VolGroup00/LogVol01 should had been created by udev but it was not found. Falling back to direct link creation. 3 logical volume(s) in volume group "vg_klauslenovo" now active
]# lvscan
ACTIVE '/dev/VolGroup00/LogVol00' [195.31 GiB] inherit ACTIVE '/dev/VolGroup00/LogVol02' [732.03 GiB] inherit ACTIVE '/dev/VolGroup00/LogVol01' [3.94 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_root' [50.00 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_home' [242.78 GiB] inherit ACTIVE '/dev/vg_klauslenovo/lv_swap' [4.81 GiB] inherit
Now the partition we're interested in are active available for mounting. But since its a encrypted logical volume we'll have to find it in /dev/mapper
]# cd /dev/mapper ]# ll
total 0 crw-------. 1 root root 10, 62 Oct 13 09:14 control lrwxrwxrwx. 1 root root 7 Oct 13 10:00 luks-fedora -> ../dm-3 lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_home -> ../dm-2 lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_root -> ../dm-0 lrwxrwxrwx. 1 root root 7 Oct 13 09:14 vg_klauslenovo-lv_swap -> ../dm-1 lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol00 -> ../dm-4 lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol01 -> ../dm-6 lrwxrwxrwx. 1 root root 7 Oct 13 10:04 VolGroup00-LogVol02 -> ../dm-5